mircea_popescu: incidentally zx2c4 you familiar with all the phuctor work ? http://trilema.com/2015/on-how-the-factored-4096-rsa-keys-story-was-handled-and-what-it-means-to-you/ and all that ?
mircea_popescu: zx2c4, http://btcbase.org/log/2016-05-10#1465484
a111: Logged on 2018-04-23 22:05 mircea_popescu: !!key zx2c4
mircea_popescu: !!key zx2c4
a111: Logged on 2018-04-13 19:58 zx2c4: wondering - how might i achieve great wealth and donations for wireguard from you/trilema?
a111: Logged on 2018-04-16 16:05 zx2c4: mircea_popescu: i take it now that mostly you're skeptical because the nsa was pushing ecc in the early years, before everyone else woke up to it
a111: Logged on 2018-04-12 16:30 mircea_popescu: !!pay zx2c4 1
mircea_popescu: zx2c4, it doesn't pay enough to save ? i made more money than i knew what to do with during my stint.
mircea_popescu: zx2c4, well, so then take it easy and trust in the future ? obviously not everyone can possibly be running clippers to india, else who'd be making the colonnades back in the forum.
mircea_popescu: zx2c4, they have no pill for rsa ; which is why the ecc behaviour.
mircea_popescu: zx2c4, not doomed as long as the republic stands.
mircea_popescu: zx2c4, my concern is that the literature is entirely worthless.
mircea_popescu: zx2c4, understand, the expectation here isn't "longer, therefore better". the situation is as described above, my key budget is 4096 bits, both ecc and rsa are ok by this measure.
mircea_popescu: zx2c4, look, think of a number between 0 and 2, 0 and 2 exclusive. have you ? here i go, ima guess it! you thought of 1!
mircea_popescu: zx2c4, i am very skeptical because rsa they hated and ecc they pushed and then suddenly everyone forgot the 90s and is all onboard.
mircea_popescu: zx2c4, looky, i get that i may seem retarded at times and in some lights, but it's not a safe assumption.
mircea_popescu: zx2c4, and the "that many attacks against RSA dont work with ECC" claim is especially odious, as it comes from a single source, which is a criminal org with a history of manipulatively lying. what happens is that usg publishes every ~useless "attack" on rsa and withholds the few ~working~ attacks on ecc from publishing. then you get this situation where seemingly, for the very naive surface-seekers, "ecc has advantages". it h
mircea_popescu: zx2c4, i proposition that the smaller the key, the smaller the key. this can't be meaningless.
mircea_popescu: zx2c4, the only thing you can get with a smaller key is "something just as good", in the sense mcdonalds is just as good as the restaurant i go to. perhaps it is -- for the poor. i'm not poor, nor do i orient my life around the needs of the needy.
mircea_popescu: zx2c4, no, they're fucking disputable. you're going to tell me you get "the same thing" but "with a smaller key" ? i'm tuning out, this is nonsense.
mircea_popescu: zx2c4, i don't buy into the advantages.
mircea_popescu: zx2c4, given like that for the sake of ready computability, see. nothing more.
mircea_popescu: zx2c4, was just an example.
mircea_popescu: zx2c4, i suspect you're right.
mircea_popescu: zx2c4, the idea being that the "wtf are you going to do, keep talking forever with anyone you ever talk to ?! morons!" problem is not unknown, but a major item giving me a bellyache as it stands now. invariants, god damn them all.
mircea_popescu: zx2c4, tmsr, the most serene republic, this thing. gossipd, lessee.... there's http://trilema.com/2016/gossipd-design-document/ and http://btcbase.org/log-search?q=gossipd and not much else. it's vaporware for now.
mircea_popescu: zx2c4, aha.
mircea_popescu: zx2c4, yeah. have you seen anything re gossipd, ~speaking the tmsr-wireguard ?
mircea_popescu: zx2c4, honestly, i'm satisfied with this for an answer "look, wireguard can be used many ways, nothing wrong with your way, and it's supported, but in general other people want other things and so there it is".
mircea_popescu: zx2c4, so is your idea that basically this should be handled by the app importing your lib, rather than the lib itself, more flexibility this way ?
mircea_popescu: zx2c4, i don't mean random (20,200). i just mean, the size of your smallest non-zero packet. was it 8 or what was it ?
mircea_popescu: zx2c4, some random 8 byte string or whatever.
mircea_popescu: zx2c4, but the option isn't exactly "send nothing or send 0 length message". the option is "send nothing / zero length message OR send the time".
mircea_popescu: zx2c4, go ahead.
mircea_popescu: zx2c4, does that work ?
mircea_popescu: zx2c4, yes.
a111: Logged on 2018-04-13 20:37 zx2c4: i'm not saying everyone with leisure _does_ do something worthwhile with it. but you cant deny that leisure is in many cases a necessary precondition for many great aspects of civilization
mircea_popescu: it's indisputable that the work put in by various republian people is worth money ; and this constitutes an investment they made. nevertheless, how this is evaluated is rather an open question -- according to say zx2c4
a111: Logged on 2018-04-13 20:16 mircea_popescu: zx2c4 you'd be terribly worse off, and so would be the bitcoin ecosystem.
a111: Logged on 2018-04-13 20:22 zx2c4: the reason is actually, "so that i can have a fixed income without any concrete labor obligations"
a111: Logged on 2018-04-13 20:37 zx2c4: i'm not saying everyone with leisure _does_ do something worthwhile with it. but you cant deny that leisure is in many cases a necessary precondition for many great aspects of civilization
mircea_popescu: o hey, check it out zx2c4 ! leisure works!
mircea_popescu: zx2c4 i'm sorry, i got confused. " this scandal is why socrates didn't even fucking want plato's disgusting silver. and now think -- that for his great merits, socrates was in fact given by the city "2000 btc"" is what i meant.
mircea_popescu: zx2c4 so i take it you're familiar with history as retold by the esl : how socrates died, and how plato did not die.
mircea_popescu: zx2c4 but you are aware how the economics of either greek philosophy or jazz music worked irl ?
mircea_popescu: zx2c4 so where's the 500 rembrandts ? (do you know the reference ?)
mircea_popescu: zx2c4 that's the same thing.
mircea_popescu: zx2c4 looky, the only reason you want "an infinity of monyz" is "so that i don't have to think of monyz anymore", which is simply the way you've rephrased "so i can be stupid with impunity" in a way to meet your blindspots.
mircea_popescu: zx2c4 this certainty is borne out of nothing in particular. i've been sitting here for many years, watching many kinds and sorts of people getting power beyond their means.
mircea_popescu: zx2c4 no, because you'd do something stupid.
mircea_popescu: zx2c4 you'd be terribly worse off, and so would be the bitcoin ecosystem.
mircea_popescu: zx2c4 understand, this self-flattering notion that you're in control is bunk. you're in no position to be in control in that sense. all that you're filtering for by that mechanism is "bullshit deal i don't comprehend". which... of course you would be.
mircea_popescu: zx2c4 it relates specifically to the "which is why real funding for wireguard would be so much better". no, it wouldn't be. you'd just end up trapped in some sort of bullshit deal.
mircea_popescu: zx2c4 it's more generally about how the whole sucker business works.
mircea_popescu: zx2c4 you ever read http://trilema.com/2015/you-know-what-gets-no-airplay-unflattering-truth/ ? it'd explain the matter thoroughly.
mircea_popescu: zx2c4 how's that work out btw ? i vaguely considered it for eulora but never actually bothered to push the point.
mircea_popescu: zx2c4 you pretty much work alone on the thing, don't you ?
mircea_popescu: zx2c4 i don't get it, you just got a coin, should last you a while neh ?
BingoBoingo: zx2c4: You spoke a lot yesterday, but neglected an important question: Who is your daddy and what does he do?
mircea_popescu: zx2c4 talk to me here plox.
a111: Logged on 2018-04-12 17:27 mircea_popescu: zx2c4 the good news is that i am now finally in a position to explain what EXACTLY is meant by "terrorist" : that feeling in http://btcbase.org/log/2018-04-12#1797417 when shit keeps coming and coming and coming up. what is it, if not spiritual terror ?
a111: Logged on 2018-04-13 00:42 zx2c4: spyked: http://btcbase.org/log/2018-04-12#1797801 tamarin (and cryptoverif and proverif) spit out the proof too. tamarin has a nice mode that will draw diagrams and flow charts too to make it easier to digest the proofs. people even have scripts to convert the output into latex in case you want an academic paper for free...
mircea_popescu: zx2c4 specifically for the "empty room" problem he brought up. do you follow the logic there ?
a111: Logged on 2018-04-12 20:20 spyked: zx2c4, I've been looking over the tamarin protocol verification paper and I'm curious, what does "symbolic verification" mean? also, what's the thing's output? is it just a "yes, properties hold" or does it also output the proof?
zx2c4: https://git.zx2c4.com/WireGuard/tree/src/crypto/curve25519-arm.S
zx2c4: mircea_popescu: asciilifeform: http://btcbase.org/log/2018-04-12#1797528 http://btcbase.org/log/2018-04-12#1797506 -- in case you're interested in the ecc stuff more, the formally verified fiat and hacl implementations are not the only ones we have. we also have constant time accelerated x86 adx and bmi2 implementations https://git.zx2c4.com/WireGuard/tree/src/crypto/curve25519-x86_64.h and also constant time accelerated arm neon implementations
spyked: zx2c4, I've been looking over the tamarin protocol verification paper and I'm curious, what does "symbolic verification" mean? also, what's the thing's output? is it just a "yes, properties hold" or does it also output the proof?
a111: Logged on 2018-04-12 16:25 zx2c4: i havent compiled a list of Name+WrittenReview. maybe i should do that
a111: Logged on 2018-04-12 16:15 zx2c4: shape packing?
a111: Logged on 2018-04-12 16:13 zx2c4: but even hardness of factoring... how hard is this actually? what number theoretic advances are right around the corner?
a111: Logged on 2018-04-12 16:12 zx2c4: things like RSA boil down to number theory problems. but that's in a sense scarier than the set of problems that good block ciphers tend to boil down to. because it means that those primitives have lots of _structure_, and generally structure is something that can be exploited. just look at all the amazing and fantastic attacks on things with structure. so just boiling down to a [currently considered] "hard problem" doesn't provide as much solace
a111: Logged on 2018-04-12 15:57 zx2c4: https://א.cc/wrlf5K8I voila
a111: Logged on 2018-04-12 15:53 zx2c4: https://git.zx2c4.com/WireGuard/tree/src/crypto/curve25519-fiat32.h
a111: Logged on 2018-04-12 15:48 zx2c4: our two x25519 C implementations (32bit and 64bit) are actually generated by theorem proving software, so that we're sure they dont contain any errors
ckang: hey nice glad to see zx2c4 made it in
asciilifeform: zx2c4: you can come back any time, you have voice now.
mircea_popescu: zx2c4 and the good news is, linus permitted ada modules before.
asciilifeform: zx2c4: there is some quite 'fascist' compile-time checking. most noobs to the lang, spend a week or so getting their proggy to even build.
asciilifeform: zx2c4: performance is difficult to compare; if you remove various safeguards, you get ~same binary as equiv c proggy would have produced on same ver of gcc.
a111: Logged on 2018-04-12 17:20 zx2c4: you guys have invented lots of things here
mircea_popescu: zx2c4 the good news is that i am now finally in a position to explain what EXACTLY is meant by "terrorist" : that feeling in http://btcbase.org/log/2018-04-12#1797417 when shit keeps coming and coming and coming up. what is it, if not spiritual terror ?
mircea_popescu: could you guess, zx2c4 , why we would favour ada for finicky work such as crypto libs ?
asciilifeform: zx2c4, mircea_popescu : it is quite trivial to build a kernel mod with gnat
mircea_popescu: zx2c4 you ever used ada ?
asciilifeform: mircea_popescu: zx2c4's thing ? nope, notyet
asciilifeform: zx2c4: this isn't v per se tho, it is a graphical viewer for same
mircea_popescu: zx2c4 is this constant time ecc implementation on display somewhere btw ? i don't think i ever saw one before.
asciilifeform: zx2c4: the distinguishability of keepalives also makes it considerably easier to carry out timing attack on your non-constant-time ecc engine
mircea_popescu: zx2c4 suppose he is sending keepalives, what.
asciilifeform: zx2c4: speaking in general of symmetric ciphers -- a known-plaintext instance anywhere in the stream, or even a means of narrowing down possible plaintext, makes for considerably cheaper break
mircea_popescu: zx2c4 here's a simple alternative to consider : would you agree the assemblage would be more secure if instead of sending a null payload you sent a random string ?
asciilifeform: zx2c4: it would appear that you have a known-plaintext though
mircea_popescu: zx2c4 the fundamental problem with "set to empty" is that ciphers can be and many are vulnerable to this, as a particular case of "known plaintext"
mircea_popescu: zx2c4 for the public record, make the "this is not the case" distinction plain.
asciilifeform: zx2c4: generally you will say !!up to deedbot in pm
mircea_popescu: zx2c4 you can voice yourself (permanently) by saying !!up to deedbot ; saves us the trouble.
deedbot: zx2c4 voiced for 30 minutes.
asciilifeform: !!up zx2c4
asciilifeform: i understand the bare fact, zx2c4 . my question is, why do you think the protocol author permitted an unsecured mode as a valid mode of operation ?
asciilifeform: zx2c4: granted, but it would appear that the orig spec of 'noise' permits null-ciphering, just like the nsa-authored ssl/tls.